sherpa-onnx-tts
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads pre-compiled binary runtimes and voice models for macOS, Linux, and Windows from the official Sherpa-ONNX GitHub repository.
- [COMMAND_EXECUTION]: A Node.js wrapper script executes the downloaded Sherpa-ONNX binary using the
spawnSyncmethod. The script also dynamically modifies environment variables such asLD_LIBRARY_PATHandDYLD_LIBRARY_PATHat runtime to ensure the engine can locate its shared library dependencies.
Audit Metadata